Synopsis: Moderate: python3 security update
Advisory ID: SLSA-2020:5010-1
Issue Date: 2020-11-10
CVE Numbers: CVE-2019-20907
CVE-2020-14422
—
Security Fix(es):
* python: infinite loop in the tarfile module via crafted TAR archive
(CVE-2019-20907)
* python: DoS via inefficiency in IPv{4,6}Interface classes
(CVE-2020-14422)
—
SL7
x86_64
python3-3.6.8-18.el7.x86_64.rpm
python3-debuginfo-3.6.8-18.el7.i686.rpm
python3-debuginfo-3.6.8-18.el7.x86_64.rpm
python3-libs-3.6.8-18.el7.i686.rpm
python3-libs-3.6.8-18.el7.x86_64.rpm
python3-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.i686.rpm
python3-debug-3.6.8-18.el7.x86_64.rpm
python3-devel-3.6.8-18.el7.i686.rpm
python3-devel-3.6.8-18.el7.x86_64.rpm
python3-idle-3.6.8-18.el7.i686.rpm
python3-idle-3.6.8-18.el7.x86_64.rpm
python3-test-3.6.8-18.el7.i686.rpm
python3-test-3.6.8-18.el7.x86_64.rpm
python3-tkinter-3.6.8-18.el7.i686.rpm
python3-tkinter-3.6.8-18.el7.x86_64.rpm
– Scientific Linux Development Team
